Hi! First of all, can you provide output of 'doveconf -n'? It's much cleaner to read and shows what's really there?
Aki On 22.1.2019 17.57, Ted wrote: > Hello, > > We're having difficulty with our updated cluster of dovecot servers > accessing the email storage on the NFS mounts. It seems index files get > corrupted when 2 backend mailservers access the same account, and from > documentation setting up a director proxy in front of the backup > servers. I'm trying to just set up a straight proxy first, which the > documents say is the first step, and although I can see the connections > coming into the server when I try to login via the proxy, the connection > times out and there are no logs from dovecot anywhere saying what > happened to the connection. > > The configs I have set up for this in dovecot are: > > dovecot.conf > > # Protocols we want to be serving. > protocols = imap pop3 > > #when re-enabling quota enforcement add quota in below: > mail_plugins = $mail_plugins mail_log notify > > protocol imap { > # Space separated list of plugins to load (default is global > mail_plugins). > #when re-enabling quota enforcement add imap_quota in below: > mail_plugins = $mail_plugins > } > > > # A comma separated list of IPs or hosts where to listen in for > connections. > # "*" listens in all IPv4 interfaces, "::" listens in all IPv6 interfaces. > # If you want to specify non-default ports or anything more complex, > # edit conf.d/master.conf. > #listen = *, :: > > # Base directory where to store runtime data. > #base_dir = /var/run/dovecot/ > > # Name of this instance. In multi-instance setup doveadm and other commands > # can use -i <instance_name> to select which instance is used (an > alternative > # to -c <config_path>). The instance name is also added to Dovecot processes > # in ps output. > #instance_name = dovecot > > # Greeting message for clients. > login_greeting = Welcome to easyMail. > > shutdown_clients = yes > > # Most of the actual configuration gets included below. The filenames are > # first sorted by their ASCII value and parsed in that order. The > 00-prefixes > # in filenames are intended to make it easier to understand the ordering. > !include conf.d/*.conf > > # A config file can also tried to be included without giving an error if > # it's not found: > !include_try local.conf > > service auth { > unix_listener auth-master { > mode = 0600 > user = vmail > } > } > > conf.d/10-auth.conf > > ## > ## Authentication processes > ## > # Username formatting before it's looked up from databases. You can use > # the standard variables here, eg. %Lu would lowercase the username, %n > would > # drop away the domain if it was given, or "%n-AT-%d" would change the > '@' into > # "-AT-". This translation is done after auth_username_translation changes. > auth_username_format = %Lu > > # Space separated list of wanted authentication mechanisms: > # plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp skey > # gss-spnego > # NOTE: See also disable_plaintext_auth setting. > auth_mechanisms = plain login > # > # Password database is used to verify user's password (and nothing more). > # You can have multiple passdbs and userdbs. This is useful if you want to > # allow both system users (/etc/passwd) and virtual users to login without > # duplicating the system users into virtual database. > # > # <doc/wiki/PasswordDatabase.txt> > # > # User database specifies where mails are located and what user/group IDs > # own them. For single-UID configuration use "static" userdb. > # > # <doc/wiki/UserDatabase.txt> > > #!include auth-deny.conf.ext > #!include auth-master.conf.ext > > #!include auth-system.conf.ext > #!include auth-sql.conf.ext > #!include auth-ldap.conf.ext > #!include auth-passwdfile.conf.ext > #!include auth-checkpassword.conf.ext > #!include auth-vpopmail.conf.ext > !include auth-static.conf.ext > > conf.d/auth-static.conf.ext > > # Static passdb. Included from auth.conf. > > # This can be used for situations where Dovecot doesn't need to verify the > # username or the password, or if there is a single password for all users: > # > # - proxy frontend, where the backend verifies the password > # - proxy backend, where the frontend already verified the password > # - authentication with SSL certificates > # - simple testing > > passdb static { > driver = static > args = nopassword=y > default_fields = proxy=y host=10.5.10.121 > } > > > #passdb { > # driver = static > # args = password=test > #} > > #userdb { > # driver = static > # args = uid=vmail gid=vmail home=/home/%u > #} > > conf.d/10-logging.conf > > ## > ## Log destination. > ## > > # Log file to use for error messages. "syslog" logs to syslog, > # /dev/stderr logs to stderr. > #log_path = syslog > > # Log file to use for informational messages. Defaults to log_path. > #info_log_path = > # Log file to use for debug messages. Defaults to info_log_path. > #debug_log_path = > > # Syslog facility to use if you're logging to syslog. Usually if you don't > # want to use "mail", you'll use local0..local7. Also other standard > # facilities are supported. > #syslog_facility = mail > > ## > ## Logging verbosity and debugging. > ## > > # Log unsuccessful authentication attempts and the reasons why they failed. > auth_verbose = yes > > # In case of password mismatches, log the attempted password. Valid > values are > # no, plain and sha1. sha1 can be useful for detecting brute force password > # attempts vs. user simply trying the same password over and over again. > # You can also truncate the value to n chars by appending ":n" (e.g. > sha1:6). > #auth_verbose_passwords = no > > # Even more verbose logging for debugging purposes. Shows for example SQL > # queries. > auth_debug = yes > > # In case of password mismatches, log the passwords and used scheme so the > # problem can be debugged. Enabling this also enables auth_debug. > #auth_debug_passwords = no > > # Enable mail process debugging. This can help you figure out why Dovecot > # isn't finding your mails. > mail_debug = yes > > # Show protocol level SSL errors. > verbose_ssl = yes > > # mail_log plugin provides more event logging for mail processes. > plugin { > # Events to log. Also available: flag_change append > #mail_log_events = delete undelete expunge copy mailbox_delete > mailbox_rename > # Available fields: uid, box, msgid, from, subject, size, vsize, flags > # size and vsize are available only for expunge and copy events. > #mail_log_fields = uid box msgid size > } > > > I'm basically expecting this to forward the login requests on to > 10.5.10.121 when I try to access the email account through the proxy. > When I attempt this I am able to see the connections in a tcp dump, but > dovecot does not log anything about the attempt. I clearly must be > missing something, can you let me know what I need to do or check? > > Thank you > Ted > easyDNS Technologies >